java.lang.Object | +--org.ssonet.net.KeyExchange
This class implements protocols for secure exchange of keys and certificates. For each transaction the server creates an instance of this class in SSONETServerClientSocket, and the client creates an instance of this class in SSONETClientSocket.
Field Summary | |
org.ssonet.net.SSONETContext | context |
static boolean | debug |
static boolean | debugProfiling |
Constructor Summary | |
KeyExchange(org.ssonet.io.IOStream ioStream, org.ssonet.net.SSONETContext context, boolean isServer)
Initializes a keyExchange object. |
Method Summary | |
java.security.PublicKey | getPartnerMechanismCertificate()
Key exchange protocol for asymmetric algorithms: Gets a certificate from the communication partner, encrypted with this side's own public cipher key, decrypts it, and checks it against the sign certificate (root certificate) of the partner. |
java.security.Key | getSessionKey(java.lang.String mechanismName, java.lang.String provider)
Key exchange protocol for symmetric algorithms where the key size is fixed and therefore does not have to be given. |
java.security.Key | getSessionKey(java.lang.String mechanismName, java.lang.String provider, int keyLength)
Key exchange protocol for symmetric algorithms. |
void | sendOwnMechanismCertificate(java.security.cert.X509Certificate ownMechanismCertificate)
Key exchange protocol for asymmetric algorithms: Sends a certificate to the communication partner, encrypted with the partner's public encryption key. |
Methods inherited from class java.lang.Object |
clone, equals, finalize, getClass, hashCode, notify, notifyAll, toString, wait, wait, wait |
Field Detail |
public static boolean debug
public static boolean debugProfiling
public org.ssonet.net.SSONETContext context
Constructor Detail |
public KeyExchange(org.ssonet.io.IOStream ioStream, org.ssonet.net.SSONETContext context, boolean isServer) throws SSONETCertificateNotValidException, java.io.IOException
Initializes a keyExchange object. During the initialization, signature certificates and cipher certificates are exchanged between client and server and checked. For the sign certificates (the root certificates of the partners), the CertificateListener instances registered with this context are called.
Certificates are only exchanged once (at the start) in a connection. If the context already holds a partner's certificate, no certificates are exchanged.
Parameters:
ioStream - the IOStream used by this object to communicate with the partner.
context - the SSONETContext, which holds all data needed to set up a connection
isServer - determines whether the protocol is used for a server (true) or a client (false)
Throws:
SSONETCertificateNotValidException - if the partner certificate is not valid
java.io.IOException - if something else goes wrong, i.e. the connection is aborted.
Method Detail |
public void sendOwnMechanismCertificate(java.security.cert.X509Certificate ownMechanismCertificate) throws java.io.IOException
Parameters:
ownMechanismCertificate - the certificate to send
Throws:
java.io.IOException - if sending was not successful
public java.security.PublicKey getPartnerMechanismCertificate() throws java.io.IOException
Throws:
java.io.IOException - if something went wrong while receiving the partner's mechanism certificate, or the certificate is invalid
public java.security.Key getSessionKey(java.lang.String mechanismName, java.lang.String provider) throws java.io.IOException, java.security.NoSuchProviderException, java.security.NoSuchAlgorithmException
Parameters:
mechanismName - name of the algorithm for key generation
provider - provider of the key generator
Throws:
java.io.IOException - if an error occurs while exchanging the key.
java.security.NoSuchProviderException - if the given provider is invalid
java.security.NoSuchAlgorithmException - if the given mechanismName is invalid
public java.security.Key getSessionKey(java.lang.String mechanismName, java.lang.String provider, int keyLength) throws java.io.IOException, java.security.NoSuchProviderException, java.security.NoSuchAlgorithmException
Parameters:
mechanismName - session key mechanism name
provider - the provider of the key generator
keyLength - session key length; if it is < 0, the standard key length of the given algorithm is used
Throws:
java.io.IOException - if an error occurs while exchanging the key.
java.security.NoSuchProviderException - if the given provider is invalid
java.security.NoSuchAlgorithmException - if the given mechanismName is invalid